Uncertainty remains over Panera Bread data breach
Panera Bread might have accidentally leaked millions of customer records, according to a story published Monday by Brian Krebs, a former reporter for The Washington Post, on his website, Krebs On Security. The article said that the breach had been ongoing for the past eight months and included names, email and physical addresses, birthdays and the last four digits of customers' credit card numbers.
Panera Bread, however, has denied that the breach exposed a "large number of records." The company told FOX Business that a security flaw on its website might have exposed the data of thousands of customers, not millions
Panera has not yet returned a request for comment from Mobile Payments Today sister publication Fast Casual regarding the alleged breach, but chief information officer John Meister said in a statement to FOX Business that Panera takes data security very seriously and that the issue has been resolved.
"Following reports today of a potential problem on our website, we suspended the functionality to repair the issue," he said. "Our investigation is continuing, but there is no evidence of payment card information nor a large number of records being accessed or retrieved.”
The Krebs story claimed that Panera was alerted to the breach in August and that indexed data from Panera's website indicated that more than 7 million customers might have been affected.
However, Meister told FOX that Panera's own investigation found that fewer than 10,000 consumers were potentially affected.
"We are working diligently to finalize our investigation and take the appropriate next steps," he said.